https://opslife.co.uk/kubernetes/Recent content in Kubernetes on Opslifeuk LimitedHugo -- gohugo.ioen-gbSun, 07 Jun 2020 00:29:48 +0100https://opslife.co.uk/kubernetes/memory/Sat, 13 Jun 2020 17:40:34 +0100https://opslife.co.uk/kubernetes/memory/By default, the JVM’s maximum heap size is 1/4 of the physical memory available - you can read about this in the Oracle GC tuning guide. This means that if you don’t define -Xmx in your JVM parameters, the container will set 1/4 of the host memory as the maximum heap size. On a recent enough JVM (8u191+ and 10+), the JVM is container-aware: if you set a Kubernetes resource limit, the JVM uses that limit rather than the host’s memory to size the heap.https://opslife.co.uk/kubernetes/secrets/Fri, 12 Jun 2020 14:00:33 +0100https://opslife.co.uk/kubernetes/secrets/A Service Account provides an identity for processes that run in a pod. When processes inside a pod contact the API server, they are authenticated as a particular Service Account. Create a Service Account using the YAML below. apiVersion: v1 kind: ServiceAccount metadata: name: sa-app-name namespace: namespace-name Once the Service Account is created, you can reference it in your pod spec: apiVersion: v1 kind: Pod metadata: name: app-name spec: serviceAccountName: sa-app-name Now on to Kubernetes Secrets.